Comment by Jonathan Price on December 31, 2012 at 5:52pm

Critical parts of Paparazzi are generated code. The failsafe and a couple of other components are written in ML, which is compiled to C, then the C is compiled to machine code.

The ML code is supposed to be verifiable and foolproof, but to me it just looks like any other programming language except lacking many familiar types and libraries, When I used to work on it, they had to put special comments in the ML code to ensure that the generated C used native integers rather than the ridiculous ML types.

I understand why they did it that way, but to me, the reasoning always had a few fatal flaws:

• I never understood why the code validation couldn't be performed with any other more familiar language. There was nothing really special about ML or the C that it generated.
• The limitations of ML required that there be low-level kludges to make it run on the hardware. Obviously these changes invalidated the generated code.
• ML was so limited and esoteric that it would have been impossible to code everything in it. This meant that only a small fraction of the compiled C code was actually generated. Supposedly, the code is structured such that the C-coded parts can't possibly halt the ML-coded parts, but i think we all know that's impossible to guarantee on a microcontroller. 

Comment by Sam Short on January 1, 2013 at 12:02am

Don't run M$ Windows

Comment by Jan Detlefsen on January 1, 2013 at 4:16am

Skynet

Developer Comment by John Arne Birkeland on January 1, 2013 at 10:37am

A computer program still only does the logic a human tells it to do, no matter how 'synthesized" the code is. So unless there is some auto-magically way to correct for human error, perfect software will still remain a dream for a long, long time.

Developer Comment by R_Lefebvre on January 1, 2013 at 11:15am

Sounds to me like an answer to a question that wasn't asked.  

Or maybe the question was "How can we blow another $10M taxpayer dollars without actually accomplishing anything."  In which case this is a great answer. 

Comment by Cliff-E on January 2, 2013 at 8:23am

Looks like folks at DARPA forgot about MILSTD2167A and 498. Oh wait they got rid of them in the early 00's and other worthwhile standards/practices. Even SEI certs are becoming irrelevant in that industry in the "coolness" of agile/AD techniques.

Drones in general will define a new meaning to mission critical when we have hundreds of these things flying around over the general public. So far DARPA thinks they can get mission critical s/w for pennies on the dollar with crowd sourcing, F/OSS, animation, & video gaming technology.

Dr. Fisher is nothing more chasing a red herring DARPA has been at for some time. Back in the day I remember it was Ada (yes a full language), XDR, IDL (DCOM for you MS fans), or modeling based (DeMarco, Hatley-Pirbhai, UML, UDF, XML). Some code generation methods worked (I recall using XDR in sats still flying for orbcomm), some didn't (UML).

I wonder if any of those research funds are going to SEI at CMU, they've been working with DoD on this problem for decades. For some reason I think it's going to another university (her alma mater?)...

Comment by Marooned on January 2, 2013 at 8:58am

I once had a program that had a huge set of functions a user could enable (trigonometric like sin, cos,... power like x^2, x^3, log, and others). User plotted a graph by a mouse and the program used genetic algorithm to find the closest matching function. It started with a total random equation and on each iteration it was checking different sets getting closer and closer to a defined result.

This sounds a bit similar to me.

Comment by Flying Monkey on January 2, 2013 at 3:42pm

SkyNet

Comment by Supersuade on January 8, 2013 at 9:15pm

What about using genetic algorithms to generate control code? I was introduced to this technique years ago and I found its ability to solve complex problems quickly inspiring. 

And creepy. 

I am excited about creating contained self learning machines, but strapping missiles to them and teaching them to kill is just stupid. 

Comment